Kaspersky Container Security
- Kaspersky Container Security 2.0 Help
- About the Kaspersky Container Security platform
- Solution architecture
- Standard deployment schemes
- Preparing to install the solution
- Solution installation
- Installing the basic business logic module and scanner
- First launch of the Management Console
- Viewing and accepting the End User License Agreement
- Checking solution functionality
- Agent deployment
- Viewing and editing agent groups
- Configuring a proxy server
- Connecting to external data storage resources
- Installing private fixes
- Removing the solution
- Updating the solution
- Solution interface
- Licensing the solution
- Data provisioning
- Working with clusters
- View the list of clusters
- Namespaces in the cluster
- Pods in the cluster
- Visualization of cluster resources
- Working with images from registers
- Investigating security events
- Analyzing container forensics
- Searching container forensics
- Detailed information about a running process
- Detailed information about file operations
- Details information about network traffic
- Detailed information about detected malicious objects
- Restrictions on runtime policies
- Investigating container forensics while accounting for adjacent events
- Analyzing detected vulnerabilities
- Analyzing container forensics
- Integration with third-party resources
- Setting up integration with external image registries
- Minimum sufficient rights for integration with registries
- Working with public registries without authorization
- Adding integrations with external image registries
- Viewing information about integrations with registries
- Deleting integration with external registry
- Harbor integration
- Creating an integration upon Harbor request
- Viewing and editing the Harbor External Integration settings
- Rescanning
- Integration with CI/CD
- Artifact scanning in CI/CD processes
- Configuring integration with GitLab CI/CD
- Configuring integration with Jenkins CI/CD
- Configuring integration with TeamCity CI/CD
- Defining the path to container images
- Monitoring the integrity and origin of images
- Running the scanner in SBOM mode
- Running the scanner in lite SBOM mode
- Getting scan results in JSON or HTML format
- Specifying secrets when starting a scan
- Configuring integration with image signature validators
- Setting up integration with notification outputs
- Configuring LDAP server integration
- Configuring integration with SIEM systems
- Integrating with HashiCorp Vault
- Setting up integration with external image registries
- Security policies configuration
- Scanner policies
- Assurance policies
- Response policies
- Runtime policies
- Creating a runtime policy
- Editing runtime policy settings
- Managing container runtime profiles
- Managing runtime autoprofiles
- Deleting policies
- Compliance check
- Configuring and generating reports
- File Threat Protection
- Users, roles, and scopes
- Managing users
- About user roles
- Working with system roles
- Displaying list of roles
- About scopes
- Scopes and enforcement of security policies
- Switching between scopes
- Adding users, roles, and scopes
- Resetting password for user accounts
- Changing settings for users, roles, and scopes
- Removing users, roles, and scopes
- Using Kaspersky Container Security OpenAPI
- Security event log
- Information about the status of solution components
- Ensuring safety and reliability of components
- Managing the dynamics of data accumulation
- Backing up and restoring data
- Contacting Technical Support
- Sources of information about the application
- Limitations and warnings
- Vulnerabilities in third-party services
- Glossary
- Third party code information
- Trademark notices
- ATT&CK MITRE Terms of Use
Security policies configuration > Scanner policies > Configuration of sensitive data detection rules
Configuration of sensitive data detection rules
Configuration of sensitive data detection rules
The list of configured rules for detecting sensitive data (hereinafter referred to as Secrets) during image scanning is displayed in the Policies → Scanner policies → Sensitive data section.
The rules are grouped into categories depending on the purpose and scope of secrets to be detected. The list of categories is determined by the Kaspersky Container Security manufacturer. Categories contain predefined rules.
You can use the list to do the following:
- View and change the settings for secrets detection rules. You can open the editing window by clicking the rule ID link.
- Add new rules to the selected category. Click the Add rule button located above the table to open the integration settings window. To add rules that do not belong to any of the preset categories, use the Other category.
- Delete rules. Check the box next to one or more rules in the list. The delete icon is then displayed.
To change the settings of sensitive data detection rules:
- In the table, in the Policies → Scanner policies → Policies section, select the scanner policy.
- In the Sensitive data section, select the necessary rules by selecting the check boxes in the rule lines.
- Use the Disable / Enable toggle switch in the Status column in the table with the list of policy rules to enable or disable this policy component.
Do not click the Save button.
Kaspersky Container Security immediately applies the changes to the sensitive data settings and displays the corresponding notification. You can also refresh the page to see the settings change.
Article ID: 250398, Last review: May 20, 2025